diff --git a/Gemfile b/Gemfile index f006f941..803a714f 100644 --- a/Gemfile +++ b/Gemfile @@ -3,7 +3,7 @@ git_source(:github) { |repo| "https://github.com/#{repo}.git" } ruby '~> 3.0.3' -gem 'rails', '~> 6.0.3', '>= 6.0.3.6' +gem 'rails', '~> 7.0' gem 'pg', '>= 0.18', '< 2.0' gem 'puma', '~> 4.3' gem 'sass-rails', '>= 6' @@ -41,7 +41,7 @@ gem 'sentry-rails' group :development, :test do gem 'byebug', platforms: [:mri, :mingw, :x64_mingw] - gem 'rspec-rails' + gem 'rspec-rails', '~> 6.0.0.rc1' gem 'dotenv-rails' gem 'rack-mini-profiler' gem 'faker' diff --git a/Gemfile.lock b/Gemfile.lock index d42b67df..54433ac7 100644 --- a/Gemfile.lock +++ b/Gemfile.lock 
@@ -1,81 +1,91 @@ GEM remote: https://rubygems.org/ specs: - actioncable (6.0.3.6) - actionpack (= 6.0.3.6) + actioncable (7.0.4) + actionpack (= 7.0.4) + activesupport (= 7.0.4) nio4r (~> 2.0) websocket-driver (>= 0.6.1) - actionmailbox (6.0.3.6) - actionpack (= 6.0.3.6) - activejob (= 6.0.3.6) - activerecord (= 6.0.3.6) - activestorage (= 6.0.3.6) - activesupport (= 6.0.3.6) + actionmailbox (7.0.4) + actionpack (= 7.0.4) + activejob (= 7.0.4) + activerecord (= 7.0.4) + activestorage (= 7.0.4) + activesupport (= 7.0.4) mail (>= 2.7.1) - actionmailer (6.0.3.6) - actionpack (= 6.0.3.6) - actionview (= 6.0.3.6) - activejob (= 6.0.3.6) + net-imap + net-pop + net-smtp + actionmailer (7.0.4) + actionpack (= 7.0.4) + actionview (= 7.0.4) + activejob (= 7.0.4) + activesupport (= 7.0.4) mail (~> 2.5, >= 2.5.4) + net-imap + net-pop + net-smtp rails-dom-testing (~> 2.0) - actionpack (6.0.3.6) - actionview (= 6.0.3.6) - activesupport (= 6.0.3.6) - rack (~> 2.0, >= 2.0.8) + actionpack (7.0.4) + actionview (= 7.0.4) + activesupport (= 7.0.4) + rack (~> 2.0, >= 2.2.0) rack-test (>= 0.6.3) rails-dom-testing (~> 2.0) rails-html-sanitizer (~> 1.0, >= 1.2.0) - actiontext (6.0.3.6) - actionpack (= 6.0.3.6) - activerecord (= 6.0.3.6) - activestorage (= 6.0.3.6) - activesupport (= 6.0.3.6) + actiontext (7.0.4) + actionpack (= 7.0.4) + activerecord (= 7.0.4) + activestorage (= 7.0.4) + activesupport (= 7.0.4) + globalid (>= 0.6.0) nokogiri (>= 1.8.5) - actionview (6.0.3.6) - activesupport (= 6.0.3.6) + actionview (7.0.4) + activesupport (= 7.0.4) builder (~> 3.1) erubi (~> 1.4) rails-dom-testing (~> 2.0) rails-html-sanitizer (~> 1.1, >= 1.2.0) - active_model_serializers (0.10.10) - actionpack (>= 4.1, < 6.1) - activemodel (>= 4.1, < 6.1) + active_model_serializers (0.10.13) + actionpack (>= 4.1, < 7.1) + activemodel (>= 4.1, < 7.1) case_transform (>= 0.2) jsonapi-renderer (>= 0.1.1.beta1, < 0.3) - activejob (6.0.3.6) - activesupport (= 6.0.3.6) + activejob (7.0.4) + activesupport (= 
7.0.4) globalid (>= 0.3.6) - activemodel (6.0.3.6) - activesupport (= 6.0.3.6) - activerecord (6.0.3.6) - activemodel (= 6.0.3.6) - activesupport (= 6.0.3.6) - activestorage (6.0.3.6) - actionpack (= 6.0.3.6) - activejob (= 6.0.3.6) - activerecord (= 6.0.3.6) - marcel (~> 1.0.0) - activesupport (6.0.3.6) + activemodel (7.0.4) + activesupport (= 7.0.4) + activerecord (7.0.4) + activemodel (= 7.0.4) + activesupport (= 7.0.4) + activestorage (7.0.4) + actionpack (= 7.0.4) + activejob (= 7.0.4) + activerecord (= 7.0.4) + activesupport (= 7.0.4) + marcel (~> 1.0) + mini_mime (>= 1.1.0) + activesupport (7.0.4) concurrent-ruby (~> 1.0, >= 1.0.2) - i18n (>= 0.7, < 2) - minitest (~> 5.1) - tzinfo (~> 1.1) - zeitwerk (~> 2.2, >= 2.2.2) - acts-as-taggable-on (8.1.0) - activerecord (>= 5.0, < 6.2) - addressable (2.8.0) - public_suffix (>= 2.0.2, < 5.0) - bcrypt (3.1.16) + i18n (>= 1.6, < 2) + minitest (>= 5.1) + tzinfo (~> 2.0) + acts-as-taggable-on (9.0.1) + activerecord (>= 6.0, < 7.1) + addressable (2.8.1) + public_suffix (>= 2.0.2, < 6.0) + bcrypt (3.1.18) bindex (0.8.1) - bootsnap (1.11.1) + bootsnap (1.13.0) msgpack (~> 1.2) - bson (4.9.2) + bson (4.15.0) builder (3.2.4) - bullet (6.1.0) + bullet (7.0.3) activesupport (>= 3.0.0) uniform_notifier (~> 1.11) - byebug (11.1.1) - capybara (3.36.0) + byebug (11.1.3) + capybara (3.37.1) addressable matrix mini_mime (>= 0.1.3) @@ -90,11 +100,16 @@ GEM closure_tree (7.4.0) activerecord (>= 4.2.10) with_advisory_lock (>= 4.0.0) - codecov (0.5.2) + codecov (0.6.0) simplecov (>= 0.15, < 0.22) - concurrent-ruby (1.1.9) + concurrent-ruby (1.1.10) crass (1.0.6) - database_cleaner (1.7.0) + database_cleaner (2.0.1) + database_cleaner-active_record (~> 2.0.0) + database_cleaner-active_record (2.0.1) + activerecord (>= 5.a) + database_cleaner-core (~> 2.0.0) + database_cleaner-core (2.0.1) declarative (0.0.20) devise (4.8.1) bcrypt (~> 3.0) 
@@ -102,48 +117,46 @@ GEM railties (>= 4.1.0) responders warden (~> 1.2.3) - devise-security (0.14.3) - devise (>= 4.3.0, < 5.0) - rails (>= 4.2.0, < 7.0) + devise-security (0.17.0) + devise (>= 4.3.0) devise_lastseenable (0.0.6) devise rails (>= 3.0.4) - diff-lcs (1.4.4) - diffy (3.4.1) + diff-lcs (1.5.0) + diffy (3.4.2) + digest (3.1.0) digest-crc (0.6.4) rake (>= 12.0.0, < 14.0.0) - discard (1.2.0) - activerecord (>= 4.2, < 7) + discard (1.2.1) + activerecord (>= 4.2, < 8) docile (1.4.0) - doorkeeper (5.4.0) + doorkeeper (5.6.0) railties (>= 5) - dotenv (2.7.4) - dotenv-rails (2.7.4) - dotenv (= 2.7.4) - railties (>= 3.2, < 6.1) - email_address (0.1.16) - netaddr (>= 2.0.4, < 3) + dotenv (2.8.1) + dotenv-rails (2.8.1) + dotenv (= 2.8.1) + railties (>= 3.2) + email_address (0.2.4) simpleidn - erubi (1.10.0) - factory_bot (5.1.1) - activesupport (>= 4.2.0) - factory_bot_rails (5.1.1) - factory_bot (~> 5.1.0) - railties (>= 4.2.0) - faker (2.19.0) - i18n (>= 1.6, < 2) - faraday (1.3.0) - faraday-net_http (~> 1.0) - multipart-post (>= 1.2, < 3) - ruby2_keywords - faraday-net_http (1.0.1) + erubi (1.11.0) + factory_bot (6.2.1) + activesupport (>= 5.0.0) + factory_bot_rails (6.2.0) + factory_bot (~> 6.2.0) + railties (>= 5.0.0) + faker (2.23.0) + i18n (>= 1.8.11, < 2) + faraday (2.5.2) + faraday-net_http (>= 2.0, < 3.1) + ruby2_keywords (>= 0.0.4) + faraday-net_http (3.0.0) ffi (1.15.5) ffi (1.15.5-x64-mingw32) - filterrific (5.2.1) - geocoder (1.6.2) - globalid (0.4.2) - activesupport (>= 4.2.0) - google-apis-core (0.6.0) + filterrific (5.2.3) + geocoder (1.8.0) + globalid (1.0.0) + activesupport (>= 5.0) + google-apis-core (0.9.0) addressable (~> 2.5, >= 2.5.1) googleauth (>= 0.16.2, < 2.a) httpclient (>= 2.8.1, < 3.a) 
@@ -152,135 +165,147 @@ GEM retriable (>= 2.0, < 4.a) rexml webrick - google-apis-iamcredentials_v1 (0.12.0) - google-apis-core (>= 0.6, < 2.a) - google-apis-storage_v1 (0.15.0) - google-apis-core (>= 0.5, < 2.a) + google-apis-iamcredentials_v1 (0.14.0) + google-apis-core (>= 0.7.2, < 2.a) + google-apis-storage_v1 (0.17.0) + google-apis-core (>= 0.7, < 2.a) google-cloud-core (1.6.0) google-cloud-env (~> 1.0) google-cloud-errors (~> 1.0) google-cloud-env (1.6.0) faraday (>= 0.17.3, < 3.0) - google-cloud-errors (1.2.0) - google-cloud-storage (1.36.2) + google-cloud-errors (1.3.0) + google-cloud-storage (1.42.0) addressable (~> 2.8) digest-crc (~> 0.4) google-apis-iamcredentials_v1 (~> 0.1) - google-apis-storage_v1 (~> 0.1) + google-apis-storage_v1 (~> 0.17.0) google-cloud-core (~> 1.6) googleauth (>= 0.16.2, < 2.a) mini_mime (~> 1.0) - googleauth (1.1.3) + googleauth (1.2.0) faraday (>= 0.17.3, < 3.a) jwt (>= 1.4, < 3.0) memoist (~> 0.16) multi_json (~> 1.11) os (>= 0.9, < 2.0) signet (>= 0.16, < 2.a) - httparty (0.18.0) + httparty (0.20.0) mime-types (~> 3.0) multi_xml (>= 0.5.2) httpclient (2.8.3) - i18n (1.8.11) + i18n (1.12.0) concurrent-ruby (~> 1.0) - jbuilder (2.10.0) + jbuilder (2.11.5) + actionview (>= 5.0.0) activesupport (>= 5.0.0) jsonapi-renderer (0.2.2) - jwt (2.2.2) - kaminari (1.2.1) + jwt (2.5.0) + kaminari (1.2.2) activesupport (>= 4.1.0) - kaminari-actionview (= 1.2.1) - kaminari-activerecord (= 1.2.1) - kaminari-core (= 1.2.1) - kaminari-actionview (1.2.1) + kaminari-actionview (= 1.2.2) + kaminari-activerecord (= 1.2.2) + kaminari-core (= 1.2.2) + kaminari-actionview (1.2.2) actionview - kaminari-core (= 1.2.1) - kaminari-activerecord (1.2.1) + kaminari-core (= 1.2.2) + kaminari-activerecord (1.2.2) activerecord - kaminari-core (= 1.2.1) - kaminari-core (1.2.1) + kaminari-core (= 1.2.2) + kaminari-core (1.2.2) launchy (2.5.0) addressable (~> 2.7) listen (3.7.1) rb-fsevent (~> 0.10, >= 0.10.3) rb-inotify (~> 0.9, >= 0.9.10) - loofah (2.18.0) + 
loofah (2.19.0) crass (~> 1.0.2) nokogiri (>= 1.5.9) mail (2.7.1) mini_mime (>= 0.1.1) - mail-notify (1.0.4) - actionmailer (>= 5.2.4.3) - actionpack (>= 5.2.4.3) - actionview (>= 5.2.4.3) - activesupport (>= 5.2.4.3) + mail-notify (1.1.0) + actionmailer (>= 5.2.4.6) + actionpack (>= 5.2.7.1) + actionview (>= 5.2.7.1) + activesupport (>= 5.2.4.6) notifications-ruby-client (~> 5.1) - rack (>= 2.1.4) - marcel (1.0.0) + rack (>= 2.1.4.1) + marcel (1.0.2) matrix (0.4.2) memoist (0.16.2) method_source (1.0.0) mime-types (3.4.1) mime-types-data (~> 3.2015) - mime-types-data (3.2021.1115) + mime-types-data (3.2022.0105) mini_mime (1.1.2) mini_portile2 (2.8.0) - minitest (5.15.0) - mongo (2.12.1) - bson (>= 4.8.2, < 5.0.0) - msgpack (1.4.5) + minitest (5.16.3) + mongo (2.18.1) + bson (>= 4.14.1, < 5.0.0) + msgpack (1.5.6) multi_json (1.15.0) multi_xml (0.6.0) - multipart-post (2.1.1) - netaddr (2.0.4) + net-imap (0.2.3) + digest + net-protocol + strscan + net-pop (0.1.1) + digest + net-protocol + timeout + net-protocol (0.1.3) + timeout + net-smtp (0.3.1) + digest + net-protocol + timeout nio4r (2.5.8) - nokogiri (1.13.6) + nokogiri (1.13.8) mini_portile2 (~> 2.8.0) racc (~> 1.4) - nokogiri (1.13.6-x64-mingw32) + nokogiri (1.13.8-x64-mingw32) racc (~> 1.4) notifications-ruby-client (5.3.0) jwt (>= 1.5, < 3) orm_adapter (0.5.0) os (1.1.4) - paper_trail (11.0.0) + paper_trail (13.0.0) activerecord (>= 5.2) request_store (~> 1.1) - pg (1.2.2) - pg (1.2.2-x64-mingw32) - pg_search (2.3.2) + pg (1.4.3) + pg (1.4.3-x64-mingw32) + pg_search (2.3.6) activerecord (>= 5.2) activesupport (>= 5.2) - public_suffix (4.0.6) + public_suffix (5.0.0) puma (4.3.12) nio4r (~> 2.0) racc (1.6.0) rack (2.2.4) - rack-attack (6.6.0) + rack-attack (6.6.1) rack (>= 1.0, < 3) rack-cors (1.1.1) rack (>= 2.0.0) - rack-mini-profiler (2.0.1) + rack-mini-profiler (3.0.0) rack (>= 1.2.0) - rack-proxy (0.7.2) + rack-proxy (0.7.4) rack - rack-test (1.1.0) - rack (>= 1.0, < 3) - rails (6.0.3.6) - actioncable 
(= 6.0.3.6) - actionmailbox (= 6.0.3.6) - actionmailer (= 6.0.3.6) - actionpack (= 6.0.3.6) - actiontext (= 6.0.3.6) - actionview (= 6.0.3.6) - activejob (= 6.0.3.6) - activemodel (= 6.0.3.6) - activerecord (= 6.0.3.6) - activestorage (= 6.0.3.6) - activesupport (= 6.0.3.6) - bundler (>= 1.3.0) - railties (= 6.0.3.6) - sprockets-rails (>= 2.0.0) + rack-test (2.0.2) + rack (>= 1.3) + rails (7.0.4) + actioncable (= 7.0.4) + actionmailbox (= 7.0.4) + actionmailer (= 7.0.4) + actionpack (= 7.0.4) + actiontext (= 7.0.4) + actionview (= 7.0.4) + activejob (= 7.0.4) + activemodel (= 7.0.4) + activerecord (= 7.0.4) + activestorage (= 7.0.4) + activesupport (= 7.0.4) + bundler (>= 1.15.0) + railties (= 7.0.4) rails-dom-testing (2.0.3) activesupport (>= 4.2.0) nokogiri (>= 1.6) 
@@ -290,46 +315,47 @@ GEM rails (>= 5.0.0) rails_email_validator (0.1.4) activemodel (>= 3.0.0) - railties (6.0.3.6) - actionpack (= 6.0.3.6) - activesupport (= 6.0.3.6) + railties (7.0.4) + actionpack (= 7.0.4) + activesupport (= 7.0.4) method_source - rake (>= 0.8.7) - thor (>= 0.20.3, < 2.0) + rake (>= 12.2) + thor (~> 1.0) + zeitwerk (~> 2.5) rake (13.0.6) - rb-fsevent (0.11.1) + rb-fsevent (0.11.2) rb-inotify (0.10.1) ffi (~> 1.0) - regexp_parser (2.2.0) + regexp_parser (2.5.0) representable (3.2.0) declarative (< 0.1.0) trailblazer-option (>= 0.1.1, < 0.2.0) uber (< 0.2.0) - request_store (1.5.0) + request_store (1.5.1) rack (>= 1.4) responders (3.0.1) actionpack (>= 5.0) railties (>= 5.0) retriable (3.1.2) rexml (3.2.5) - rspec-core (3.9.2) - rspec-support (~> 3.9.3) - rspec-expectations (3.9.2) + rspec-core (3.11.0) + rspec-support (~> 3.11.0) + rspec-expectations (3.11.1) diff-lcs (>= 1.2.0, < 2.0) - rspec-support (~> 3.9.0) - rspec-mocks (3.9.1) + rspec-support (~> 3.11.0) + rspec-mocks (3.11.1) diff-lcs (>= 1.2.0, < 2.0) - rspec-support (~> 3.9.0) - rspec-rails (4.0.1) - actionpack (>= 4.2) - activesupport (>= 4.2) - railties (>= 4.2) - rspec-core (~> 3.9) - rspec-expectations (~> 3.9) - rspec-mocks (~> 3.9) - rspec-support (~> 3.9) - rspec-support (3.9.3) - ruby2_keywords (0.0.4) + rspec-support (~> 3.11.0) + rspec-rails (6.0.0.rc1) + actionpack (>= 6.1) + activesupport (>= 6.1) + railties (>= 6.1) + rspec-core (~> 3.11) + rspec-expectations (~> 3.11) + rspec-mocks (~> 3.11) + rspec-support (~> 3.11) + rspec-support (3.11.1) + ruby2_keywords (0.0.5) rubyzip (2.3.2) sass-rails (6.0.0) sassc-rails (~> 2.1, >= 2.1.1) 
@@ -343,75 +369,73 @@ GEM sprockets (> 3.0) sprockets-rails tilt - selenium-webdriver (4.1.0) + selenium-webdriver (4.4.0) childprocess (>= 0.5, < 5.0) rexml (~> 3.2, >= 3.2.5) - rubyzip (>= 1.2.2) + rubyzip (>= 1.2.2, < 3.0) + websocket (~> 1.0) semantic_range (3.0.0) - sentry-rails (4.3.3) + sentry-rails (5.4.2) railties (>= 5.0) - sentry-ruby-core (~> 4.3.0) - sentry-ruby (4.3.1) + sentry-ruby (~> 5.4.2) + sentry-ruby (5.4.2) concurrent-ruby (~> 1.0, >= 1.0.2) - faraday (>= 1.0) - sentry-ruby-core (= 4.3.1) - sentry-ruby-core (4.3.1) - concurrent-ruby - faraday - shoulda-matchers (4.3.0) - activesupport (>= 4.2.0) - signet (0.16.1) + shoulda-matchers (5.2.0) + activesupport (>= 5.2.0) + signet (0.17.0) addressable (~> 2.8) - faraday (>= 0.17.5, < 3.0) + faraday (>= 0.17.5, < 3.a) jwt (>= 1.5, < 3.0) multi_json (~> 1.10) simplecov (0.21.2) docile (~> 1.1) simplecov-html (~> 0.11) simplecov_json_formatter (~> 0.1) - simplecov-cobertura (1.4.2) - simplecov (~> 0.8) + simplecov-cobertura (2.1.0) + rexml + simplecov (~> 0.19) simplecov-html (0.12.3) simplecov_json_formatter (0.1.4) - simpleidn (0.1.1) + simpleidn (0.2.1) unf (~> 0.1.4) - spring (2.1.0) + spring (2.1.1) spring-watcher-listen (2.0.1) listen (>= 2.7, < 4.0) spring (>= 1.2, < 3.0) - sprockets (4.0.2) + sprockets (4.1.1) concurrent-ruby (~> 1.0) rack (> 1, < 3) - sprockets-rails (3.2.2) - actionpack (>= 4.0) - activesupport (>= 4.0) + sprockets-rails (3.4.2) + actionpack (>= 5.2) + activesupport (>= 5.2) sprockets (>= 3.0.0) - thor (1.1.0) - thread_safe (0.3.6) - tilt (2.0.10) + strscan (3.0.4) + thor (1.2.1) + tilt (2.0.11) + timeout (0.3.0) trailblazer-option (0.1.2) turbolinks (5.2.1) turbolinks-source (~> 5.2) turbolinks-source (5.2.0) - tzinfo (1.2.10) - thread_safe (~> 0.1) - tzinfo-data (1.2020.1) + tzinfo (2.0.5) + concurrent-ruby (~> 1.0) + tzinfo-data (1.2022.3) tzinfo (>= 1.0.0) uber (0.1.0) - uk_postcode (2.1.5) + uk_postcode (2.1.8) unf (0.1.4) unf_ext - unf_ext (0.0.7.7) - unf_ext 
(0.0.7.7-x64-mingw32) - uniform_notifier (1.13.0) + unf_ext (0.0.8.2) + unf_ext (0.0.8.2-x64-mingw32) + uniform_notifier (1.16.0) warden (1.2.9) rack (>= 2.0.9) - web-console (4.0.1) + web-console (4.2.0) actionview (>= 6.0.0) activemodel (>= 6.0.0) bindex (>= 0.4.0) railties (>= 6.0.0) - webdrivers (5.0.0) + webdrivers (5.1.0) nokogiri (~> 1.6) rubyzip (>= 1.3.0) selenium-webdriver (~> 4.0) @@ -421,14 +445,15 @@ GEM railties (>= 5.2) semantic_range (>= 2.3.0) webrick (1.7.0) - websocket-driver (0.7.3) + websocket (1.2.9) + websocket-driver (0.7.5) websocket-extensions (>= 0.1.0) websocket-extensions (0.1.5) with_advisory_lock (4.6.0) activerecord (>= 4.2) xpath (3.2.0) nokogiri (~> 1.8) - zeitwerk (2.5.1) + zeitwerk (2.6.0) PLATFORMS ruby @@ -471,10 +496,10 @@ DEPENDENCIES rack-attack rack-cors rack-mini-profiler - rails (~> 6.0.3, >= 6.0.3.6) + rails (~> 7.0) rails-settings-cached (~> 2.8) rails_email_validator - rspec-rails + rspec-rails (~> 6.0.0.rc1) sass-rails (>= 6) selenium-webdriver sentry-rails diff --git a/app/mailers/service_mailer.rb b/app/mailers/service_mailer.rb index 409ab122..8bb4f475 100644 --- a/app/mailers/service_mailer.rb +++ b/app/mailers/service_mailer.rb @@ -1,5 +1,6 @@ class ServiceMailer < ApplicationMailer - add_template_helper(FeedbacksHelper) + include FeedbacksHelper + helper FeedbacksHelper def notify_watcher_email @service = params[:service] diff --git a/app/models/note.rb b/app/models/note.rb index 334712aa..4164b22c 100644 --- a/app/models/note.rb +++ b/app/models/note.rb @@ -1,6 +1,6 @@ class Note < ApplicationRecord belongs_to :service, counter_cache: true - belongs_to :user + belongs_to :user, optional: true validates_presence_of :body, length: { maximum: 200 } end diff --git a/app/serializers/regular_schedule_serializer.rb b/app/serializers/regular_schedule_serializer.rb index a43c004a..b1f49e0a 100644 --- a/app/serializers/regular_schedule_serializer.rb +++ b/app/serializers/regular_schedule_serializer.rb 
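Review bot: In app/mailers/service_mailer.rb, `helper FeedbacksHelper` on its own is the replacement for the removed `add_template_helper(FeedbacksHelper)`, so the extra `include FeedbacksHelper` does something new that the commit does not explain. It mixes every public method of the helper into the mailer class, where they sit alongside the mail actions. If only the templates use the helper, drop the `include`. If the mailer methods call it, add a comment such as `# included because mailer methods call FeedbacksHelper directly`. The class body continues outside the hunk.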
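Review bot: In app/models/note.rb, `belongs_to :user, optional: true` lets a Note be saved with no author, and nothing in the hunk says why or when that is allowed, so attribution of notes can now be lost silently. If this is meant for notes whose author account no longer exists, state that in a comment above the association and check that code reading `note.user` copes with nil. Separately, the unchanged `validates_presence_of :body, length: { maximum: 200 }` appears to register only a presence check, so the 200-character limit is probably not enforced. `validates :body, presence: true, length: { maximum: 200 }` would apply both.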
@@ -8,11 +8,11 @@ def weekday end def opens_at - object.opens_at.to_s(:time) + object.opens_at.to_fs(:time) end def closes_at - object.closes_at.to_s(:time) + object.closes_at.to_fs(:time) end end diff --git a/config/application.rb b/config/application.rb index ef6aa6b3..e573694c 100644 --- a/config/application.rb +++ b/config/application.rb @@ -11,7 +11,7 @@ module Outpost class Application < Rails::Application # Initialize configuration defaults for originally generated Rails version. - config.load_defaults 6.0 + config.load_defaults 7.0 config.active_model.i18n_customize_full_message = true # Settings in config/environments/* take precedence over those specified here. # Application configuration can go into files in config/initializers diff --git a/config/environments/development.rb b/config/environments/development.rb index 54e649e2..33cb00a6 100644 --- a/config/environments/development.rb +++ b/config/environments/development.rb @@ -1,4 +1,7 @@ Rails.application.configure do + # Do not eager load code on boot. + config.eager_load = false + config.after_initialize do Bullet.enable = true Bullet.alert = true @@ -8,16 +11,12 @@ Bullet.rails_logger = true Bullet.add_footer = true end - config.action_mailer.default_url_options = { host: 'localhost', port: 3000 } # In the development environment your application's code is reloaded on # every request. This slows down response time but is perfect for development # since you don't have to restart the web server when you make code changes. config.cache_classes = false - # Do not eager load code on boot. - config.eager_load = false - # Show full error reports. config.consider_all_requests_local = true 
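Review bot: `object.opens_at.to_fs(:time)` and `object.closes_at.to_fs(:time)` raise NoMethodError when the time is nil, so a single schedule row with a missing value would fail the whole serialized response. The hunk does not show whether these columns are nullable. If they can be, `object.opens_at&.to_fs(:time)` and `object.closes_at&.to_fs(:time)` return nil instead of raising. The serializer class starts outside the hunk.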
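Review bot: `config.load_defaults 7.0` turns on every 7.0 framework default in one step, and at least one affects credentials already issued: the key generator digest moves from SHA-1 to SHA-256, so signed and encrypted cookies from the 6.0 deployment may stop verifying unless a cookie rotation is configured, and none is visible in this diff. Consider keeping `config.load_defaults 6.0` and enabling the new defaults one at a time from `config/initializers/new_framework_defaults_7_0.rb`, as the Rails upgrade guide describes. The comment above the line, "Initialize configuration defaults for originally generated Rails version", no longer matches and could read `# Framework defaults for Rails 7.0.`. Also worth confirming: this commit deletes `config/initializers/devise-security.rb`, which set `config.password_complexity = { digit: 1, lower: 1, upper: 1 }`, while Gemfile.lock still locks devise-security 0.17.0, so unless the setting was moved somewhere not shown, the password rule falls back to whatever the gem's default is. The Application class body continues outside the hunk.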
@@ -42,11 +41,11 @@ # Don't care if the mailer can't send. config.action_mailer.raise_delivery_errors = false - config.action_mailer.perform_caching = false + config.action_mailer.default_url_options = { host: 'localhost', port: 3000 } # Print deprecation notices to the Rails logger. - config.active_support.deprecation = :log + config.active_support.deprecation = :stderr # Raise an error on page load if there are pending migrations. config.active_record.migration_error = :page_load diff --git a/config/environments/test.rb b/config/environments/test.rb index d2dc2a8b..c2b0db08 100644 --- a/config/environments/test.rb +++ b/config/environments/test.rb @@ -4,17 +4,21 @@ # and recreated between test runs. Don't rely on the data there! Rails.application.configure do + # Do not eager load code on boot. This avoids loading your whole application + # just for the purpose of running a single test. If you are using a tool that + # preloads Rails for running tests, you may have to set it to true. + config.eager_load = false + + # Print deprecation notices to the stderr. + config.active_support.deprecation = :stderr + config.after_initialize do Bullet.enable = true Bullet.bullet_logger = true Bullet.raise = false # raise an error if n+1 query occurs end - config.cache_classes = false - # Do not eager load code on boot. This avoids loading your whole application - # just for the purpose of running a single test. If you are using a tool that - # preloads Rails for running tests, you may have to set it to true. - config.eager_load = false + config.cache_classes = false # Configure public file server for tests with Cache-Control for performance. config.public_file_server.enabled = true 
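Review bot: In config/environments/development.rb the comment `# Print deprecation notices to the Rails logger.` is kept while the setting under it becomes `config.active_support.deprecation = :stderr`, so the comment now describes the old behaviour. Change it to `# Print deprecation notices to stderr.` so the file matches what test.rb already says. The configure block starts and ends outside this hunk.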
@@ -36,19 +40,18 @@ # Store uploaded files on the local file system in a temporary directory. config.active_storage.service = :test - config.action_mailer.perform_caching = false - # Tell Action Mailer not to deliver emails to the real world. # The :test delivery method accumulates sent emails in the # ActionMailer::Base.deliveries array. config.action_mailer.delivery_method = :test - config.active_job.queue_adapter = :test + config.action_mailer.perform_caching = false - # Print deprecation notices to the stderr. - config.active_support.deprecation = :stderr + config.active_job.queue_adapter = :test Mongo::Logger.logger.level = Logger::ERROR + ENV['INSTANCE'] ||= 'buckinghamshire' + # Raises error for missing translations. # config.action_view.raise_on_missing_translations = true end diff --git a/config/initializers/devise-security.rb b/config/initializers/devise-security.rb deleted file mode 100644 index 2085ee01..00000000 --- a/config/initializers/devise-security.rb +++ /dev/null 
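Review bot: `ENV['INSTANCE'] ||= 'buckinghamshire'` in config/environments/test.rb changes the process environment from inside the environment config, with no comment on what reads INSTANCE or why this value is the test default. Because it uses `||=`, a value already exported in a developer's shell or CI job wins silently, so the suite can run against a different instance than the one the file suggests. Since dotenv-rails is already in the development/test group, a `.env.test` entry would keep this with the rest of the environment configuration. Otherwise add a comment such as `# default INSTANCE for the test suite; export INSTANCE to override`. The configure block opens outside this hunk.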
@@ -1,44 +0,0 @@ -# frozen_string_literal: true - -Devise.setup do |config| - # ==> Security Extension - # Configure security extension for devise - - # Should the password expire (e.g 3.months) - # config.expire_password_after = false - - # Need 1 char of A-Z, a-z and 0-9 - config.password_complexity = { digit: 1, lower: 1, upper: 1 } - - # How many passwords to keep in archive - # config.password_archiving_count = 5 - - # Deny old passwords (true, false, number_of_old_passwords_to_check) - # Examples: - # config.deny_old_passwords = falsere # allow old passwords - # config.deny_old_passwords = true # will deny all the old passwords - # config.deny_old_passwords = 3 # will deny new passwords that matches with the last 3 passwords - # config.deny_old_passwords = true - - # enable email validation for :secure_validatable. (true, false, validation_options) - # dependency: see https://github.com/devise-security/devise-security/blob/master/README.md#e-mail-validation - # config.email_validation = true - - # captcha integration for recover form - # config.captcha_for_recover = true - - # captcha integration for sign up form - # config.captcha_for_sign_up = true - - # captcha integration for sign in form - # config.captcha_for_sign_in = true - - # captcha integration for unlock form - # config.captcha_for_unlock = true - - # captcha integration for confirmation form - # config.captcha_for_confirmation = true - - # Time period for account expiry from last_activity_at - # config.expire_after = 90.days -end diff --git a/config/initializers/devise.rb b/config/initializers/devise.rb index 7a402f2f..f29d99b9 100644 --- a/config/initializers/devise.rb +++ b/config/initializers/devise.rb 
@@ -3,17 +3,6 @@ # Use this hook to configure devise mailer, warden hooks and so forth. # Many of these configuration options can be set straight in your model. Devise.setup do |config| - # The secret key used by Devise. Devise uses this key to generate - # random tokens. Changing this key will render invalid all existing - # confirmation, reset password and unlock tokens in the database. - # Devise will use the `secret_key_base` as its `secret_key` - # by default. You can change it below and use your own secret key. - # config.secret_key = '59587b67776da7ce4a53d6a958b73b08f31db4cae7e744bb338dd6a8fc010f215e744f6d95444fbc12a9103fff14db8f184ae941af6ce526cdc4cc0a88805422' - - # ==> Controller configuration - # Configure the parent class to the devise controllers. - # config.parent_controller = 'DeviseController' - # ==> Mailer Configuration # Configure the e-mail address which will be shown in Devise::Mailer, # note that it will be overwritten if you use your own mailer class @@ -23,10 +12,7 @@ # Configure the class responsible to send e-mails. config.mailer = 'DeviseMailer' - # config.parent_mailer = 'ApplicationMailer' - # Configure the parent class responsible to send e-mails. - # config.parent_mailer = 'ActionMailer::Base' config.parent_mailer = 'ApplicationMailer' # ==> ORM configuration 
@@ -36,22 +22,6 @@ require 'devise/orm/active_record' # ==> Configuration for any authentication mechanism - # Configure which keys are used when authenticating a user. The default is - # just :email. You can configure it to use [:username, :subdomain], so for - # authenticating a user, both parameters are required. Remember that those - # parameters are used only when authenticating and not when retrieving from - # session. If you need permissions, you should implement that in a before filter. - # You can also supply a hash where the value is a boolean determining whether - # or not authentication should be aborted when the value is not present. - # config.authentication_keys = [:email] - - # Configure parameters from the request object used for authentication. Each entry - # given should be a request method and it will automatically be passed to the - # find_for_authentication method and considered in your model lookup. For instance, - # if you set :request_keys to [:subdomain], :subdomain will be used on authentication. - # The same considerations mentioned for authentication_keys also apply to request_keys. - # config.request_keys = [] - # Configure which authentication keys should be case-insensitive. # These keys will be downcased upon creating or modifying a user and when used # to authenticate or find a user. Default is :email. 
@@ -62,30 +32,6 @@ # modifying a user and when used to authenticate or find a user. Default is :email. config.strip_whitespace_keys = [:email] - # Tell if authentication through request.params is enabled. True by default. - # It can be set to an array that will enable params authentication only for the - # given strategies, for example, `config.params_authenticatable = [:database]` will - # enable it only for database (email + password) authentication. - # config.params_authenticatable = true - - # Tell if authentication through HTTP Auth is enabled. False by default. - # It can be set to an array that will enable http authentication only for the - # given strategies, for example, `config.http_authenticatable = [:database]` will - # enable it only for database authentication. The supported strategies are: - # :database = Support basic authentication with authentication key + password - # config.http_authenticatable = false - - # If 401 status code should be returned for AJAX requests. True by default. - # config.http_authenticatable_on_xhr = true - - # The realm used in Http Basic Authentication. 'Application' by default. - # config.http_authentication_realm = 'Application' - - # It will change confirmation, password recovery and other workflows - # to behave the same regardless if the e-mail provided was right or wrong. - # Does not affect registerable. - # config.paranoid = true - # By default Devise will store the user in session. You can skip storage for # particular strategies by setting this option. # Notice that if you are skipping storage for all authentication paths, you 
@@ -93,18 +39,6 @@ # passing skip: :sessions to `devise_for` in your config/routes.rb config.skip_session_storage = [:http_auth] - # By default, Devise cleans up the CSRF token on authentication to - # avoid CSRF token fixation attacks. This means that, when using AJAX - # requests for sign in and sign up, you need to get a new CSRF token - # from the server. You can disable this option at your own risk. - # config.clean_up_csrf_token_on_authentication = true - - # When false, Devise will not attempt to reload routes on eager load. - # This can reduce the time taken to boot the app but if your application - # requires the Devise mappings to be loaded during boot time the application - # won't boot properly. - # config.reload_routes = true - # ==> Configuration for :database_authenticatable # For bcrypt, this is the cost for hashing the password and defaults to 11. If # using other algorithms, it sets how many times you want the password to be hashed. 
@@ -116,57 +50,17 @@ # a value of 20 is already extremely slow: approx. 60 seconds for 1 calculation). config.stretches = Rails.env.test? ? 1 : 11 - # Set up a pepper to generate the hashed password. - # config.pepper = '213c04bdbd99e60fa1e9d655fd73fa32739a98a8bce4d41650572a0509906f0b250709b52479077187bd9762b99f6e1236ef509ea2af40b3b81799dd778ba0eb' - - # Send a notification to the original email when the user's email is changed. - # config.send_email_changed_notification = false - - # Send a notification email when the user's password is changed. - # config.send_password_change_notification = false - # ==> Configuration for :confirmable - # A period that the user is allowed to access the website even without - # confirming their account. For instance, if set to 2.days, the user will be - # able to access the website for two days without confirming their account, - # access will be blocked just in the third day. - # You can also set it to nil, which will allow the user to access the website - # without confirming their account. - # Default is 0.days, meaning the user cannot access the website without - # confirming their account. - # config.allow_unconfirmed_access_for = 2.days - - # A period that the user is allowed to confirm their account before their - # token becomes invalid. For example, if set to 3.days, the user can confirm - # their account within 3 days after the mail was sent, but on the fourth day - # their account can't be confirmed with the token any more. - # Default is nil, meaning there is no restriction on how long a user can take - # before confirming their account. - # config.confirm_within = 3.days - # If true, requires any email changes to be confirmed (exactly the same way as # initial account confirmation) to be applied. Requires additional unconfirmed_email # db field (see migrations). Until confirmed, new email is stored in # unconfirmed_email column, and copied to email column on successful confirmation. 
config.reconfirmable = true - # Defines which key will be used when confirming an account - # config.confirmation_keys = [:email] - # ==> Configuration for :rememberable - # The time the user will be remembered without asking for credentials again. - # config.remember_for = 2.weeks - # Invalidates all the remember me tokens when the user signs out. config.expire_all_remember_me_on_sign_out = true - # If true, extends the user's remember period when remembered via cookie. - # config.extend_remember_period = false - - # Options to be passed to the created cookie. For instance, you can set - # secure: true in order to force SSL only cookies. - # config.rememberable_options = {} - # ==> Configuration for :validatable # Range for password length. config.password_length = 8..128 
@@ -176,127 +70,17 @@ # to give user feedback and not to assert the e-mail validity. config.email_regexp = /\A[^@\s]+@[^@\s]+\z/ - # ==> Configuration for :timeoutable - # The time you want to timeout the user session without activity. After this - # time the user will be asked for credentials again. Default is 30 minutes. - # config.timeout_in = 30.minutes - - # ==> Configuration for :lockable - # Defines which strategy will be used to lock an account. - # :failed_attempts = Locks an account after a number of failed attempts to sign in. - # :none = No lock strategy. You should handle locking by yourself. - # config.lock_strategy = :failed_attempts - - # Defines which key will be used when locking and unlocking an account - # config.unlock_keys = [:email] - - # Defines which strategy will be used to unlock an account. - # :email = Sends an unlock link to the user email - # :time = Re-enables login after a certain amount of time (see :unlock_in below) - # :both = Enables both strategies - # :none = No unlock strategy. You should handle unlocking by yourself. - # config.unlock_strategy = :both - - # Number of authentication tries before locking an account if lock_strategy - # is failed attempts. - # config.maximum_attempts = 20 - - # Time interval to unlock the account if :time is enabled as unlock_strategy. - # config.unlock_in = 1.hour - - # Warn on the last attempt before the account is locked. - # config.last_attempt_warning = true - # ==> Configuration for :recoverable - # - # Defines which key will be used when recovering the password for an account - # config.reset_password_keys = [:email] - # Time interval you can reset your password with a reset password key. # Don't put a too small interval or your users won't have the time to # change their passwords. config.reset_password_within = 6.hours - # When set to false, does not sign a user in automatically after their password is - # reset. Defaults to true, so a user is signed in automatically after a reset. 
- # config.sign_in_after_reset_password = true - - # ==> Configuration for :encryptable - # Allow you to use another hashing or encryption algorithm besides bcrypt (default). - # You can use :sha1, :sha512 or algorithms from others authentication tools as - # :clearance_sha1, :authlogic_sha512 (then you should set stretches above to 20 - # for default behavior) and :restful_authentication_sha1 (then you should set - # stretches to 10, and copy REST_AUTH_SITE_KEY to pepper). - # - # Require the `devise-encryptable` gem when using anything other than bcrypt - # config.encryptor = :sha512 - - # ==> Scopes configuration - # Turn scoped views on. Before rendering "sessions/new", it will first check for - # "users/sessions/new". It's turned off by default because it's slower if you - # are using only default views. - # config.scoped_views = false - - # Configure the default scope given to Warden. By default it's the first - # devise role declared in your routes (usually :user). - # config.default_scope = :user - - # Set this configuration to false if you want /users/sign_out to sign out - # only the current scope. By default, Devise signs out all scopes. - # config.sign_out_all_scopes = true - # ==> Navigation configuration - # Lists the formats that should be treated as navigational. Formats like - # :html, should redirect to the sign in page when the user does not have - # access, but formats like :xml or :json, should return 401. - # - # If you have any extra navigational formats, like :iphone or :mobile, you - # should add them to the navigational formats lists. - # - # The "*/*" below is required to match Internet Explorer requests. - # config.navigational_formats = ['*/*', :html] - # The default HTTP method used to sign out a resource. Default is :delete. config.sign_out_via = :delete - # ==> OmniAuth - # Add a new OmniAuth provider. Check the wiki for more information on setting - # up on your models and hooks. 
- # config.omniauth :github, 'APP_ID', 'APP_SECRET', scope: 'user,public_repo' - - # ==> Warden configuration - # If you want to use other strategies, that are not supported by Devise, or - # change the failure app, you can configure them inside the config.warden block. - # - # config.warden do |manager| - # manager.intercept_401 = false - # manager.default_strategies(scope: :user).unshift :some_external_strategy - # end - - # ==> Mountable engine configurations - # When using Devise inside an engine, let's call it `MyEngine`, and this engine - # is mountable, there are some extra configurations to be taken into account. - # The following options are available, assuming the engine is mounted as: - # - # mount MyEngine, at: '/my_engine' - # - # The router that invoked `devise_for`, in the example above, would be: - # config.router_name = :my_engine - # - # When using OmniAuth, Devise cannot automatically set OmniAuth path, - # so you need to do it manually. For the users scope, it would be: - # config.omniauth_path_prefix = '/my_engine/users/auth' - - # ==> Turbolinks configuration - # If your app is using Turbolinks, Turbolinks::Controller needs to be included to make redirection work correctly: - # - # ActiveSupport.on_load(:devise_failure_app) do - # include Turbolinks::Controller - # end - - # ==> Configuration for :registerable - - # When set to false, does not sign a user in automatically after their password is - # changed. Defaults to true, so a user is signed in automatically after changing a password. - # config.sign_in_after_change_password = true + # ==> Security Extension (devise-security) + # Need 1 char of A-Z, a-z and 0-9 + config.password_complexity = { digit: 1, lower: 1, upper: 1 } end diff --git a/config/initializers/doorkeeper.rb b/config/initializers/doorkeeper.rb index f49d0eec..934f91aa 100644 --- a/config/initializers/doorkeeper.rb +++ b/config/initializers/doorkeeper.rb 
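Review bot: `config.password_complexity`, added at the end of this hunk, is a devise-security setting read by that gem's `:secure_validatable` model module, so on its own it rejects nothing. The model's `devise` declaration is not in this hunk, so confirm it lists `:secure_validatable`. I would have the comment say where the rule is enforced, e.g. `# Enforced by :secure_validatable (devise-security): at least one digit, one lowercase and one uppercase letter`. A model spec expecting a password without a digit to be invalid would catch the setting silently becoming inert. The enclosing block (presumably `Devise.setup`) starts outside the hunk.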
@@ -1,6 +1,7 @@ Doorkeeper.configure do default_scopes :public + # This block will be called to check whether the resource owner is authenticated or not. resource_owner_authenticator do current_user || begin session[:user_return_to] = request.fullpath @@ -8,6 +9,11 @@ end end + # If you didn't skip applications controller from Doorkeeper routes in your application routes.rb + # file then you need to declare this block in order to restrict access to the web interface for + # adding oauth authorized applications. In other case it will return 403 Forbidden response + # every time somebody will try to access the admin web interface. + # admin_authenticator do unless current_user.admin_users === true redirect_to new_user_session_url 
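Review bot: The `admin_authenticator` block that the new comment documents calls `current_user.admin_users` with no nil check. If `current_user` is nil for a signed-out visitor (Devise's usual behaviour, not confirmed from this hunk), the request raises NoMethodError and returns a 500 instead of redirecting to sign-in. Access is still denied, but through an error path rather than the intended one; `unless current_user&.admin_users == true` keeps the strict comparison and sends anonymous visitors to `new_user_session_url`. The `=== true` form is also unusual Ruby, and `==` states the intent more plainly. The block's closing lines fall in the next hunk.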
@@ -15,494 +21,3 @@ end end - - -# # frozen_string_literal: true - -# Doorkeeper.configure do -# # Change the ORM that doorkeeper will use (requires ORM extensions installed). -# # Check the list of supported ORMs here: https://github.com/doorkeeper-gem/doorkeeper#orms -# orm :active_record - -# # This block will be called to check whether the resource owner is authenticated or not. -# resource_owner_authenticator do -# raise "Please configure doorkeeper resource_owner_authenticator block located in #{__FILE__}" -# # Put your resource owner authentication logic here. -# # Example implementation: -# # User.find_by(id: session[:user_id]) || redirect_to(new_user_session_url) -# end - -# # If you didn't skip applications controller from Doorkeeper routes in your application routes.rb -# # file then you need to declare this block in order to restrict access to the web interface for -# # adding oauth authorized applications. In other case it will return 403 Forbidden response -# # every time somebody will try to access the admin web interface. -# # -# # admin_authenticator do -# # # Put your admin authentication logic here. -# # # Example implementation: -# # -# # if current_user -# # head :forbidden unless current_user.admin? -# # else -# # redirect_to sign_in_url -# # end -# # end - -# # You can use your own model classes if you need to extend (or even override) default -# # Doorkeeper models such as `Application`, `AccessToken` and `AccessGrant. 
-# # -# # Be default Doorkeeper ActiveRecord ORM uses it's own classes: -# # -# # access_token_class "Doorkeeper::AccessToken" -# # access_grant_class "Doorkeeper::AccessGrant" -# # application_class "Doorkeeper::Application" -# # -# # Don't forget to include Doorkeeper ORM mixins into your custom models: -# # -# # * ::Doorkeeper::Orm::ActiveRecord::Mixins::AccessToken - for access token -# # * ::Doorkeeper::Orm::ActiveRecord::Mixins::AccessGrant - for access grant -# # * ::Doorkeeper::Orm::ActiveRecord::Mixins::Application - for application (OAuth2 clients) -# # -# # For example: -# # -# # access_token_class "MyAccessToken" -# # -# # class MyAccessToken < ApplicationRecord -# # include ::Doorkeeper::Orm::ActiveRecord::Mixins::AccessToken -# # -# # self.table_name = "hey_i_wanna_my_name" -# # -# # def destroy_me! -# # destroy -# # end -# # end - -# # Enables polymorphic Resource Owner association for Access Tokens and Access Grants. -# # By default this option is disabled. -# # -# # Make sure you properly setup you database and have all the required columns (run -# # `bundle exec rails generate doorkeeper:enable_polymorphic_resource_owner` and execute Rails -# # migrations). -# # -# # If this option enabled, Doorkeeper will store not only Resource Owner primary key -# # value, but also it's type (class name). See "Polymorphic Associations" section of -# # Rails guides: https://guides.rubyonrails.org/association_basics.html#polymorphic-associations -# # -# # [NOTE] If you apply this option on already existing project don't forget to manually -# # update `resource_owner_type` column in the database and fix migration template as it will -# # set NOT NULL constraint for Access Grants table. -# # -# # use_polymorphic_resource_owner - -# # If you are planning to use Doorkeeper in Rails 5 API-only application, then you might -# # want to use API mode that will skip all the views management and change the way how -# # Doorkeeper responds to a requests. 
-# # -# # api_only - -# # Enforce token request content type to application/x-www-form-urlencoded. -# # It is not enabled by default to not break prior versions of the gem. -# # -# # enforce_content_type - -# # Authorization Code expiration time (default: 10 minutes). -# # -# # authorization_code_expires_in 10.minutes - -# # Access token expiration time (default: 2 hours). -# # If you want to disable expiration, set this to `nil`. -# # -# # access_token_expires_in 2.hours - -# # Assign custom TTL for access tokens. Will be used instead of access_token_expires_in -# # option if defined. In case the block returns `nil` value Doorkeeper fallbacks to -# # +access_token_expires_in+ configuration option value. If you really need to issue a -# # non-expiring access token (which is not recommended) then you need to return -# # Float::INFINITY from this block. -# # -# # `context` has the following properties available: -# # -# # `client` - the OAuth client application (see Doorkeeper::OAuth::Client) -# # `grant_type` - the grant type of the request (see Doorkeeper::OAuth) -# # `scopes` - the requested scopes (see Doorkeeper::OAuth::Scopes) -# # -# # custom_access_token_expires_in do |context| -# # context.client.application.additional_settings.implicit_oauth_expiration -# # end - -# # Use a custom class for generating the access token. -# # See https://doorkeeper.gitbook.io/guides/configuration/other-configurations#custom-access-token-generator -# # -# # access_token_generator '::Doorkeeper::JWT' - -# # The controller +Doorkeeper::ApplicationController+ inherits from. -# # Defaults to +ActionController::Base+ unless +api_only+ is set, which changes the default to -# # +ActionController::API+. The return value of this option must be a stringified class name. 
-# # See https://doorkeeper.gitbook.io/guides/configuration/other-configurations#custom-base-controller -# # -# # base_controller 'ApplicationController' - -# # Reuse access token for the same resource owner within an application (disabled by default). -# # -# # This option protects your application from creating new tokens before old valid one becomes -# # expired so your database doesn't bloat. Keep in mind that when this option is `on` Doorkeeper -# # doesn't updates existing token expiration time, it will create a new token instead. -# # Rationale: https://github.com/doorkeeper-gem/doorkeeper/issues/383 -# # -# # You can not enable this option together with +hash_token_secrets+. -# # -# # reuse_access_token - -# # In case you enabled `reuse_access_token` option Doorkeeper will try to find matching -# # token using `matching_token_for` Access Token API that searches for valid records -# # in batches in order not to pollute the memory with all the database records. By default -# # Doorkeeper uses batch size of 10 000 records. You can increase or decrease this value -# # depending on your needs and server capabilities. -# # -# # token_lookup_batch_size 10_000 - -# # Set a limit for token_reuse if using reuse_access_token option -# # -# # This option limits token_reusability to some extent. -# # If not set then access_token will be reused unless it expires. -# # Rationale: https://github.com/doorkeeper-gem/doorkeeper/issues/1189 -# # -# # This option should be a percentage(i.e. (0,100]) -# # -# # token_reuse_limit 100 - -# # Only allow one valid access token obtained via client credentials -# # per client. If a new access token is obtained before the old one -# # expired, the old one gets revoked (disabled by default) -# # -# # When enabling this option, make sure that you do not expect multiple processes -# # using the same credentials at the same time (e.g. web servers spanning -# # multiple machines and/or processes). 
-# # -# # revoke_previous_client_credentials_token - -# # Hash access and refresh tokens before persisting them. -# # This will disable the possibility to use +reuse_access_token+ -# # since plain values can no longer be retrieved. -# # -# # Note: If you are already a user of doorkeeper and have existing tokens -# # in your installation, they will be invalid without enabling the additional -# # setting `fallback_to_plain_secrets` below. -# # -# # hash_token_secrets -# # By default, token secrets will be hashed using the -# # +Doorkeeper::Hashing::SHA256+ strategy. -# # -# # If you wish to use another hashing implementation, you can override -# # this strategy as follows: -# # -# # hash_token_secrets using: '::Doorkeeper::Hashing::MyCustomHashImpl' -# # -# # Keep in mind that changing the hashing function will invalidate all existing -# # secrets, if there are any. - -# # Hash application secrets before persisting them. -# # -# # hash_application_secrets -# # -# # By default, applications will be hashed -# # with the +Doorkeeper::SecretStoring::SHA256+ strategy. -# # -# # If you wish to use bcrypt for application secret hashing, uncomment -# # this line instead: -# # -# # hash_application_secrets using: '::Doorkeeper::SecretStoring::BCrypt' - -# # When the above option is enabled, and a hashed token or secret is not found, -# # you can allow to fall back to another strategy. For users upgrading -# # doorkeeper and wishing to enable hashing, you will probably want to enable -# # the fallback to plain tokens. -# # -# # This will ensure that old access tokens and secrets -# # will remain valid even if the hashing above is enabled. -# # -# # fallback_to_plain_secrets - -# # Issue access tokens with refresh token (disabled by default), you may also -# # pass a block which accepts `context` to customize when to give a refresh -# # token or not. 
Similar to +custom_access_token_expires_in+, `context` has -# # the following properties: -# # -# # `client` - the OAuth client application (see Doorkeeper::OAuth::Client) -# # `grant_type` - the grant type of the request (see Doorkeeper::OAuth) -# # `scopes` - the requested scopes (see Doorkeeper::OAuth::Scopes) -# # -# # use_refresh_token - -# # Provide support for an owner to be assigned to each registered application (disabled by default) -# # Optional parameter confirmation: true (default: false) if you want to enforce ownership of -# # a registered application -# # NOTE: you must also run the rails g doorkeeper:application_owner generator -# # to provide the necessary support -# # -# # enable_application_owner confirmation: false - -# # Define access token scopes for your provider -# # For more information go to -# # https://doorkeeper.gitbook.io/guides/ruby-on-rails/scopes -# # -# # default_scopes :public -# # optional_scopes :write, :update - -# # Allows to restrict only certain scopes for grant_type. -# # By default, all the scopes will be available for all the grant types. -# # -# # Keys to this hash should be the name of grant_type and -# # values should be the array of scopes for that grant type. -# # Note: scopes should be from configured_scopes (i.e. default or optional) -# # -# # scopes_by_grant_type password: [:write], client_credentials: [:update] - -# # Forbids creating/updating applications with arbitrary scopes that are -# # not in configuration, i.e. +default_scopes+ or +optional_scopes+. -# # (disabled by default) -# # -# # enforce_configured_scopes - -# # Change the way client credentials are retrieved from the request object. -# # By default it retrieves first from the `HTTP_AUTHORIZATION` header, then -# # falls back to the `:client_id` and `:client_secret` params from the `params` object. 
-# # Check out https://github.com/doorkeeper-gem/doorkeeper/wiki/Changing-how-clients-are-authenticated -# # for more information on customization -# # -# # client_credentials :from_basic, :from_params - -# # Change the way access token is authenticated from the request object. -# # By default it retrieves first from the `HTTP_AUTHORIZATION` header, then -# # falls back to the `:access_token` or `:bearer_token` params from the `params` object. -# # Check out https://github.com/doorkeeper-gem/doorkeeper/wiki/Changing-how-clients-are-authenticated -# # for more information on customization -# # -# # access_token_methods :from_bearer_authorization, :from_access_token_param, :from_bearer_param - -# # Forces the usage of the HTTPS protocol in non-native redirect uris (enabled -# # by default in non-development environments). OAuth2 delegates security in -# # communication to the HTTPS protocol so it is wise to keep this enabled. -# # -# # Callable objects such as proc, lambda, block or any object that responds to -# # #call can be used in order to allow conditional checks (to allow non-SSL -# # redirects to localhost for example). -# # -# # force_ssl_in_redirect_uri !Rails.env.development? -# # -# # force_ssl_in_redirect_uri { |uri| uri.host != 'localhost' } - -# # Specify what redirect URI's you want to block during Application creation. -# # Any redirect URI is whitelisted by default. -# # -# # You can use this option in order to forbid URI's with 'javascript' scheme -# # for example. -# # -# # forbid_redirect_uri { |uri| uri.scheme.to_s.downcase == 'javascript' } - -# # Allows to set blank redirect URIs for Applications in case Doorkeeper configured -# # to use URI-less OAuth grant flows like Client Credentials or Resource Owner -# # Password Credentials. The option is on by default and checks configured grant -# # types, but you **need** to manually drop `NOT NULL` constraint from `redirect_uri` -# # column for `oauth_applications` database table. 
-# # -# # You can completely disable this feature with: -# # -# # allow_blank_redirect_uri false -# # -# # Or you can define your custom check: -# # -# # allow_blank_redirect_uri do |grant_flows, client| -# # client.superapp? -# # end - -# # Specify how authorization errors should be handled. -# # By default, doorkeeper renders json errors when access token -# # is invalid, expired, revoked or has invalid scopes. -# # -# # If you want to render error response yourself (i.e. rescue exceptions), -# # set +handle_auth_errors+ to `:raise` and rescue Doorkeeper::Errors::InvalidToken -# # or following specific errors: -# # -# # Doorkeeper::Errors::TokenForbidden, Doorkeeper::Errors::TokenExpired, -# # Doorkeeper::Errors::TokenRevoked, Doorkeeper::Errors::TokenUnknown -# # -# # handle_auth_errors :raise - -# # Customize token introspection response. -# # Allows to add your own fields to default one that are required by the OAuth spec -# # for the introspection response. It could be `sub`, `aud` and so on. -# # This configuration option can be a proc, lambda or any Ruby object responds -# # to `.call` method and result of it's invocation must be a Hash. -# # -# # custom_introspection_response do |token, context| -# # { -# # "sub": "Z5O3upPC88QrAjx00dis", -# # "aud": "https://protected.example.net/resource", -# # "username": User.find(token.resource_owner_id).username -# # } -# # end -# # -# # or -# # -# # custom_introspection_response CustomIntrospectionResponder - -# # Specify what grant flows are enabled in array of Strings. The valid -# # strings and the flows they enable are: -# # -# # "authorization_code" => Authorization Code Grant Flow -# # "implicit" => Implicit Grant Flow -# # "password" => Resource Owner Password Credentials Grant Flow -# # "client_credentials" => Client Credentials Grant Flow -# # -# # If not specified, Doorkeeper enables authorization_code and -# # client_credentials. 
-# # -# # implicit and password grant flows have risks that you should understand -# # before enabling: -# # http://tools.ietf.org/html/rfc6819#section-4.4.2 -# # http://tools.ietf.org/html/rfc6819#section-4.4.3 -# # -# # grant_flows %w[authorization_code client_credentials] - -# # Allows to customize OAuth grant flows that +each+ application support. -# # You can configure a custom block (or use a class respond to `#call`) that must -# # return `true` in case Application instance supports requested OAuth grant flow -# # during the authorization request to the server. This configuration +doesn't+ -# # set flows per application, it only allows to check if application supports -# # specific grant flow. -# # -# # For example you can add an additional database column to `oauth_applications` table, -# # say `t.array :grant_flows, default: []`, and store allowed grant flows that can -# # be used with this application there. Then when authorization requested Doorkeeper -# # will call this block to check if specific Application (passed with client_id and/or -# # client_secret) is allowed to perform the request for the specific grant type -# # (authorization, password, client_credentials, etc). -# # -# # Example of the block: -# # -# # ->(flow, client) { client.grant_flows.include?(flow) } -# # -# # In case this option invocation result is `false`, Doorkeeper server returns -# # :unauthorized_client error and stops the request. -# # -# # @param allow_grant_flow_for_client [Proc] Block or any object respond to #call -# # @return [Boolean] `true` if allow or `false` if forbid the request -# # -# # allow_grant_flow_for_client do |grant_flow, client| -# # # `grant_flows` is an Array column with grant -# # # flows that application supports -# # -# # client.grant_flows.include?(grant_flow) -# # end - -# # If you need arbitrary Resource Owner-Client authorization you can enable this option -# # and implement the check your need. 
Config option must respond to #call and return -# # true in case resource owner authorized for the specific application or false in other -# # cases. -# # -# # Be default all Resource Owners are authorized to any Client (application). -# # -# # authorize_resource_owner_for_client do |client, resource_owner| -# # resource_owner.admin? || client.owners_whitelist.include?(resource_owner) -# # end - -# # Hook into the strategies' request & response life-cycle in case your -# # application needs advanced customization or logging: -# # -# # before_successful_strategy_response do |request| -# # puts "BEFORE HOOK FIRED! #{request}" -# # end -# # -# # after_successful_strategy_response do |request, response| -# # puts "AFTER HOOK FIRED! #{request}, #{response}" -# # end - -# # Hook into Authorization flow in order to implement Single Sign Out -# # or add any other functionality. Inside the block you have an access -# # to `controller` (authorizations controller instance) and `context` -# # (Doorkeeper::OAuth::Hooks::Context instance) which provides pre auth -# # or auth objects with issued token based on hook type (before or after). -# # -# # before_successful_authorization do |controller, context| -# # Rails.logger.info(controller.request.params.inspect) -# # -# # Rails.logger.info(context.pre_auth.inspect) -# # end -# # -# # after_successful_authorization do |controller, context| -# # controller.session[:logout_urls] << -# # Doorkeeper::Application -# # .find_by(controller.request.params.slice(:redirect_uri)) -# # .logout_uri -# # -# # Rails.logger.info(context.auth.inspect) -# # Rails.logger.info(context.issued_token) -# # end - -# # Under some circumstances you might want to have applications auto-approved, -# # so that the user skips the authorization step. -# # For example if dealing with a trusted application. -# # -# # skip_authorization do |resource_owner, client| -# # client.superapp? or resource_owner.admin? 
-# # end - -# # Configure custom constraints for the Token Introspection request. -# # By default this configuration option allows to introspect a token by another -# # token of the same application, OR to introspect the token that belongs to -# # authorized client (from authenticated client) OR when token doesn't -# # belong to any client (public token). Otherwise requester has no access to the -# # introspection and it will return response as stated in the RFC. -# # -# # Block arguments: -# # -# # @param token [Doorkeeper::AccessToken] -# # token to be introspected -# # -# # @param authorized_client [Doorkeeper::Application] -# # authorized client (if request is authorized using Basic auth with -# # Client Credentials for example) -# # -# # @param authorized_token [Doorkeeper::AccessToken] -# # Bearer token used to authorize the request -# # -# # In case the block returns `nil` or `false` introspection responses with 401 status code -# # when using authorized token to introspect, or you'll get 200 with { "active": false } body -# # when using authorized client to introspect as stated in the -# # RFC 7662 section 2.2. Introspection Response. -# # -# # Using with caution: -# # Keep in mind that these three parameters pass to block can be nil as following case: -# # `authorized_client` is nil if and only if `authorized_token` is present, and vice versa. -# # `token` will be nil if and only if `authorized_token` is present. -# # So remember to use `&` or check if it is present before calling method on -# # them to make sure you doesn't get NoMethodError exception. 
-# # -# # You can define your custom check: -# # -# # allow_token_introspection do |token, authorized_client, authorized_token| -# # if authorized_token -# # # customize: require `introspection` scope -# # authorized_token.application == token&.application || -# # authorized_token.scopes.include?("introspection") -# # elsif token.application -# # # `protected_resource` is a new database boolean column, for example -# # authorized_client == token.application || authorized_client.protected_resource? -# # else -# # # public token (when token.application is nil, token doesn't belong to any application) -# # true -# # end -# # end -# # -# # Or you can completely disable any token introspection: -# # -# # allow_token_introspection false -# # -# # If you need to block the request at all, then configure your routes.rb or web-server -# # like nginx to forbid the request. - -# # WWW-Authenticate Realm (default: "Doorkeeper"). -# # -# # realm "Doorkeeper" -# end diff --git a/spec/features/using_custom_fields_spec.rb b/spec/features/using_custom_fields_spec.rb index 774e5cab..6c9f3d78 100644 --- a/spec/features/using_custom_fields_spec.rb +++ b/spec/features/using_custom_fields_spec.rb @@ -2,6 +2,10 @@ feature 'Using custom fields', type: :feature do context 'as a user manager' do + let!(:service) { FactoryBot.create :service } + let!(:custom_field_section) { FactoryBot.create :custom_field_section } + let(:date) { Date.today } + before do admin_user = FactoryBot.create :user, :user_manager login_as admin_user @@ -9,10 +13,6 @@ end scenario 'I can create and use custom fields for services', js: true do - service = FactoryBot.create :service - custom_field_section = FactoryBot.create :custom_field_section - date = Date.today - click_link 'Services' click_link 'Custom fields' click_link custom_field_section.name